Many DDoS attacks might not be all they seem

Cybercriminals are increasingly using Distributed Denial of Service (DDoS) attacks as a diversion while they run more damaging data exfiltration operations at the same time, new research has claimed.

A report from cybersecurity experts StormWall found the number of DDoS attacks used as a smokescreen in January 2023 rose by 28% globally compared to the same period of the previous year.

StormWall’s data shows that in January 2023, fintech, retail, and gaming were the industries hit by the most “smokescreen DDoS” attacks. The fintech sector recorded a 71% increase, the retail sector 51%, and the gaming sector 47% respectively, year-on-year. Other notable mentions, the report claims, include the education sector (16% rise), the healthcare industry (14% rise), and the telecommunications sector (8%). 

Sneak attacks

Looking at specific geographies, companies in the U.S. suffered the most, with a 32% increase year-on-year. China was placed second with a 25% rise, followed by the UK with 17%.

The premise is simple: if a company does not have enough staff, technology and automation solutions, and other resources, it can only address a limited amount of threats at the same time. 

Therefore, a distributed denial of service attack could require all hands on deck, leaving few resources to tackle any additional threats. While the IT team struggles to contain the DDoS attack, the attackers can focus on exfiltrating sensitive data which they can later sell on the black market or use for extortion.

Threat actors are at a significant advantage here as most DDoS attacks can be automated relatively easily. 

But even if they’re not being used as a smokescreen, DDoS attacks are growing increasingly popular. A recent report from Qrator Labs claims the number of DDoS attacks rose “significantly” in 2022, with the minimum figures for the last ten months “significantly higher” than peak values seen in the past.

The duration of DDoS attacks increased ten times in just a year, showing increased capabilities from the attackers in terms of their hardware, as well.

Go to Source